06 Sep, 2009

1 commit


03 Sep, 2009

1 commit


02 Sep, 2009

2 commits

  • These are full of unresolved problems, mainly that conversions don't
    work 1-1 from hrtimers to tasklet_hrtimers because unlike hrtimers
    tasklets can't be killed from softirq context.

    And when a qdisc gets reset, that's exactly what we need to do here.

    We'll work this out in the net-next-2.6 tree and if warranted we'll
    backport that work to -stable.

    This reverts the following 3 changesets:

    a2cb6a4dd470d7a64255a10b843b0d188416b78f
    ("pkt_sched: Fix bogon in tasklet_hrtimer changes.")

    38acce2d7983632100a9ff3fd20295f6e34074a8
    ("pkt_sched: Convert CBQ to tasklet_hrtimer.")

    ee5f9757ea17759e1ce5503bdae2b07e48e32af9
    ("pkt_sched: Convert qdisc_watchdog to tasklet_hrtimer")

    Signed-off-by: David S. Miller

    David S. Miller
     
  • After commit 2b85a34e911bf483c27cfdd124aeb1605145dc80
    (net: No more expensive sock_hold()/sock_put() on each tx)
    sk_free() frees socks conditionally and depends
    on sk_wmem_alloc being set e.g. in sock_init_data(). But in some
    cases sk_free() is called earlier, usually after other alloc errors.

    Fix is to move sk_wmem_alloc initialization from sock_init_data()
    to sk_alloc() itself.

    Signed-off-by: Jarek Poplawski
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Jarek Poplawski
     

29 Aug, 2009

1 commit

  • This patch fixes the bug that was reported in
    http://bugzilla.kernel.org/show_bug.cgi?id=14053

    If we're in the case where we need to force a reencode and then resend of
    the RPC request, due to xprt_transmit failing with a networking error, then
    we _must_ retransmit the entire request.

    Signed-off-by: Trond Myklebust
    Cc: stable@kernel.org
    Signed-off-by: Linus Torvalds

    Trond Myklebust
     

28 Aug, 2009

2 commits

  • * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ericvh/v9fs:
    9p: update documentation pointers
    9p: remove unnecessary v9fses->options which duplicates the mount string
    net/9p: insulate the client against an invalid error code sent by a 9p server
    9p: Add missing cast for the error return value in v9fs_get_inode
    9p: Remove redundant inode uid/gid assignment
    9p: Fix possible regressions when ->get_sb fails.
    9p: Fix v9fs show_options
    9p: Fix possible memleak in v9fs_inode_from fid.
    9p: minor comment fixes
    9p: Fix possible inode leak in v9fs_get_inode.
    9p: Check for error in return value of v9fs_fid_add

    Linus Torvalds
     
  • Add a check in ip_append_data() for NULL *rtp to prevent future bugs in
    callers from being exploitable.

    Signed-off-by: Julien Tinnes
    Signed-off-by: Tavis Ormandy
    Acked-by: David S. Miller
    Signed-off-by: Linus Torvalds

    Julien TINNES
     

26 Aug, 2009

1 commit


25 Aug, 2009

2 commits

  • Reported by Stephen Rothwell, luckily it's harmless:

    net/sched/sch_api.c: In function 'qdisc_watchdog':
    net/sched/sch_api.c:460: warning: initialization from incompatible pointer type
    net/sched/sch_cbq.c: In function 'cbq_undelay':
    net/sched/sch_cbq.c:595: warning: initialization from incompatible pointer type

    Signed-off-by: David S. Miller

    David S. Miller
     
  • * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6:
    smc91x: let smc91x work well under netpoll
    pxaficp-ir: remove incorrect net_device_ops
    NET: llc, zero sockaddr_llc struct
    drivers/net: fixed drivers that support netpoll use ndo_start_xmit()
    netpoll: warning for ndo_start_xmit returns with interrupts enabled
    net: Fix Micrel KSZ8842 Kconfig description
    netfilter: xt_quota: fix wrong return value (error case)
    ipv6: Fix commit 63d9950b08184e6531adceb65f64b429909cc101 (ipv6: Make v4-mapped bindings consistent with IPv4)
    E100: fix interaction with swiotlb on X86.
    pkt_sched: Convert CBQ to tasklet_hrtimer.
    pkt_sched: Convert qdisc_watchdog to tasklet_hrtimer
    rtl8187: always set MSR_LINK_ENEDCA flag with RTL8187B
    ibm_newemac: emac_close() needs to call netif_carrier_off()
    net: fix ks8851 build errors
    net: Rename MAC platform driver for w90p910 platform
    yellowfin: Fix buffer underrun after dev_alloc_skb() failure
    orinoco: correct key bounds check in orinoco_hw_get_tkip_iv
    mac80211: fix todo lock

    Linus Torvalds
     

24 Aug, 2009

5 commits

  • sllc_arphrd member of sockaddr_llc might not be changed. Zero sllc
    before copying to the above layer's structure.

    Signed-off-by: Jiri Slaby
    Signed-off-by: David S. Miller

    Jiri Slaby
     
  • WARN_ONCE when ndo_start_xmit() enables interrupts in netpoll_send_skb(),
    because the NETPOLL API requires that interrupts remain disabled in
    netpoll_send_skb().

    Signed-off-by: Dongdong Deng
    Acked-by: Matt Mackall
    Signed-off-by: David S. Miller

    Dongdong Deng
     
  • Success was indicated on a memory allocation failure, thereby causing
    a crash due to a later NULL deref.
    (Affects v2.6.30-rc1 up to here.)

    Signed-off-by: Jan Engelhardt
    Signed-off-by: Patrick McHardy
    Signed-off-by: David S. Miller

    Patrick McHardy
     
  • …bindings consistent with IPv4)

    Commit 63d9950b08184e6531adceb65f64b429909cc101
    (ipv6: Make v4-mapped bindings consistent with IPv4)
    changes behavior of inet6_bind() for v4-mapped addresses so it should
    behave the same way as inet_bind().

    During this change setting of err to -EADDRNOTAVAIL got lost:

    af_inet.c:469 inet_bind()
        err = -EADDRNOTAVAIL;
        if (!sysctl_ip_nonlocal_bind &&
            !(inet->freebind || inet->transparent) &&
            addr->sin_addr.s_addr != htonl(INADDR_ANY) &&
            chk_addr_ret != RTN_LOCAL &&
            chk_addr_ret != RTN_MULTICAST &&
            chk_addr_ret != RTN_BROADCAST)
                goto out;

    af_inet6.c:463 inet6_bind()
        if (addr_type == IPV6_ADDR_MAPPED) {
            int chk_addr_ret;

            /* Binding to v4-mapped address on a v6-only socket
             * makes no sense
             */
            if (np->ipv6only) {
                err = -EINVAL;
                goto out;
            }

            /* Reproduce AF_INET checks to make the bindings consistent */
            v4addr = addr->sin6_addr.s6_addr32[3];
            chk_addr_ret = inet_addr_type(net, v4addr);
            if (!sysctl_ip_nonlocal_bind &&
                !(inet->freebind || inet->transparent) &&
                v4addr != htonl(INADDR_ANY) &&
                chk_addr_ret != RTN_LOCAL &&
                chk_addr_ret != RTN_MULTICAST &&
                chk_addr_ret != RTN_BROADCAST)
                    goto out;
        } else {

    Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
    Signed-off-by: David S. Miller <davem@davemloft.net>

    Bruno Prémont
     
  • This code expects to run in softirq context, and bare hrtimers
    run in hw IRQ context.

    Signed-off-by: David S. Miller
    Acked-by: Thomas Gleixner

    David S. Miller
     

23 Aug, 2009

1 commit


19 Aug, 2009

2 commits

  • David S. Miller
     
  • * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (60 commits)
    net: restore gnet_stats_basic to previous definition
    NETROM: Fix use of static buffer
    e1000e: fix use of pci_enable_pcie_error_reporting
    e1000e: WoL does not work on 82577/82578 with manageability enabled
    cnic: Fix locking in init/exit calls.
    cnic: Fix locking in start/stop calls.
    bnx2: Use mutex on slow path cnic calls.
    cnic: Refine registration with bnx2.
    cnic: Fix symbol_put_addr() panic on ia64.
    gre: Fix MTU calculation for bound GRE tunnels
    pegasus: Add new device ID.
    drivers/net: fixed drivers that support netpoll use ndo_start_xmit()
    via-velocity: Fix test of mii_status bit VELOCITY_DUPLEX_FULL
    rt2x00: fix memory corruption in rf cache, add a sanity check
    ixgbe: Fix receive on real device when VLANs are configured
    ixgbe: Do not return 0 in ixgbe_fcoe_ddp() upon FCP_RSP in DDP completion
    netxen: free napi resources during detach
    netxen: remove netxen workqueue
    ixgbe: fix issues setting rx-usecs with legacy interrupts
    can: fix oops caused by wrong rtnl newlink usage
    ...

    Linus Torvalds
     

18 Aug, 2009

5 commits

  • In 5e140dfc1fe87eae27846f193086724806b33c7d "net: reorder struct Qdisc
    for better SMP performance" the definition of struct gnet_stats_basic
    changed incompatibly, as copies of this struct are shipped to
    userland via netlink.

    Restoring old behavior is not welcome, for performance reasons.

    Fix is to use a private structure for kernel, and
    teach gnet_stats_copy_basic() to convert from kernel to user land,
    using legacy structure (struct gnet_stats_basic).

    Based on a report and initial patch from Michael Spang.

    Reported-by: Michael Spang
    Signed-off-by: Eric Dumazet
    Signed-off-by: David S. Miller

    Eric Dumazet
     
  • The static variable used by nr_call_to_digi might result in corruption if
    multiple threads are trying to use a node or neighbour via ioctl. Fixed
    by having the caller pass a structure in. This is safe because nr_add_node
    rsp. nr_add_neigh will allocate a permanent structure, if needed.

    Signed-off-by: Ralf Baechle
    Signed-off-by: David S. Miller

    Ralf Baechle
     
  • A looney tunes server sending an invalid error code (which is !IS_ERR_VALUE)
    can result in a client oops. So fix it by adding a check and converting unknown
    or invalid error codes to -ESERVERFAULT.

    Signed-off-by: Abhishek Kulkarni
    Signed-off-by: Eric Van Hensbergen

    Abhishek Kulkarni
     
  • Fix the comments -- mostly the improper and/or missing descriptions
    of function parameters.

    Signed-off-by: Abhishek Kulkarni
    Signed-off-by: Eric Van Hensbergen

    Abhishek Kulkarni
     
  • The key todo lock can be taken from different locks
    that require it to be _bh to avoid lock inversion
    due to (soft)irqs.

    This should fix the two problems reported by Bob and
    Gabor:
    http://mid.gmane.org/20090619113049.GB18956@hash.localnet
    http://mid.gmane.org/4A3FA376.8020307@openwrt.org

    Signed-off-by: Johannes Berg
    Cc: Bob Copeland
    Cc: Gabor Juhos
    Signed-off-by: John W. Linville

    Johannes Berg
     

15 Aug, 2009

1 commit

  • The GRE header length should be subtracted when the tunnel MTU is
    calculated. This just corrects for the associativity change
    introduced by commit 42aa916265d740d66ac1f17290366e9494c884c2
    ("gre: Move MTU setting out of ipgre_tunnel_bind_dev").

    Signed-off-by: Tom Goff
    Signed-off-by: David S. Miller

    Tom Goff
     

14 Aug, 2009

2 commits

  • We splice skbs from the pending queue for a TID
    onto the local pending queue when tearing down a
    block ack request. This is not necessary unless we
    actually have received a request to start a block ack
    request (rate control, for example). If we never received
    that request we should not be splicing the tid pending
    queue as it would be null, causing a panic.

    Not sure yet how exactly we allowed through a call when the
    tid state does not have at least HT_ADDBA_REQUESTED_MSK set,
    that will require some further review as it is not quite
    obvious.

    For more information see the bug report:

    http://bugzilla.kernel.org/show_bug.cgi?id=13922

    This fixes this oops:

    BUG: unable to handle kernel NULL pointer dereference at 00000030
    IP: [] ieee80211_agg_splice_packets+0x40/0xc0 [mac80211]
    *pdpt = 0000000002d1e001 *pde = 0000000000000000
    Thread overran stack, or stack corrupted
    Oops: 0000 [#1] SMP
    last sysfs file: /sys/module/aes_generic/initstate
    Modules linked in:

    Pid: 0, comm: swapper Not tainted (2.6.31-rc5-wl #2) Dell DV051
    EIP: 0060:[] EFLAGS: 00010292 CPU: 0
    EIP is at ieee80211_agg_splice_packets+0x40/0xc0 [mac80211]
    EAX: 00000030 EBX: 0000004c ECX: 00000003 EDX: 00000000
    ESI: c1c98000 EDI: f745a1c0 EBP: c076be58 ESP: c076be38
    DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
    Process swapper (pid: 0, ti=c076a000 task=c0709160 task.ti=c076a000)
    Stack:
    Call Trace:
    [] ? ieee80211_stop_tx_ba_cb+0xab/0x150 [mac80211]
    [] ? ieee80211_tasklet_handler+0xce/0x110 [mac80211]
    [] ? net_rx_action+0xef/0x1d0
    [] ? tasklet_action+0x58/0xc0
    [] ? __do_softirq+0xc2/0x190
    [] ? handle_IRQ_event+0x58/0x140
    [] ? ack_apic_level+0x7e/0x270
    [] ? do_softirq+0x3d/0x40
    [] ? irq_exit+0x65/0x90
    [] ? do_IRQ+0x4f/0xc0
    [] ? irq_exit+0x7d/0x90
    [] ? smp_apic_timer_interrupt+0x57/0x90
    [] ? common_interrupt+0x29/0x30
    [] ? mwait_idle+0xbe/0x100
    [] ? cpu_idle+0x52/0x90
    [] ? rest_init+0x55/0x60
    [] ? start_kernel+0x315/0x37d
    [] ? unknown_bootoption+0x0/0x1f9
    [] ? i386_start_kernel+0x79/0x81
    Code:
    EIP: [] ieee80211_agg_splice_packets+0x40/0xc0 [mac80211] SS:ESP 0068:c076be38
    CR2: 0000000000000030

    Cc: stable@kernel.org
    Tested-by: Jack Lau
    Signed-off-by: Luis R. Rodriguez
    Signed-off-by: John W. Linville

    Luis R. Rodriguez
     
  • kernel_sendpage() does the proper default case handling for when the
    socket doesn't have a native sendpage implementation.

    Now, arguably this might be something that we could instead solve by
    just specifying that all protocols should do it themselves at the
    protocol level, but we really only care about the common protocols.
    Does anybody really care about sendpage on something like Appletalk? Not
    likely.

    Acked-by: David S. Miller
    Acked-by: Julien TINNES
    Acked-by: Tavis Ormandy
    Cc: stable@kernel.org
    Signed-off-by: Linus Torvalds

    Linus Torvalds
     

10 Aug, 2009

4 commits

  • Commit 1748376b6626acf59c24e9592ac67b3fe2a0e026,
    net: Use a percpu_counter for sockets_allocated

    added percpu_counter function calls to sctp_proc_init code path, but
    forgot to add them to sctp_proc_exit(). This resulted in the following
    Oops when performing this test:
    # modprobe sctp
    # rmmod -f sctp
    # modprobe sctp

    [ 573.862512] BUG: unable to handle kernel paging request at f8214a24
    [ 573.862518] IP: [] __percpu_counter_init+0x3f/0x70
    [ 573.862530] *pde = 37010067 *pte = 00000000
    [ 573.862534] Oops: 0002 [#1] SMP
    [ 573.862537] last sysfs file: /sys/module/libcrc32c/initstate
    [ 573.862540] Modules linked in: sctp(+) crc32c libcrc32c binfmt_misc bridge
    stp bnep lp snd_hda_codec_analog snd_hda_intel snd_hda_codec snd_hwdep
    snd_pcm_oss snd_mixer_oss arc4 joydev snd_pcm ecb pcmcia snd_seq_dummy
    snd_seq_oss iwlagn iwlcore snd_seq_midi snd_rawmidi snd_seq_midi_event
    yenta_socket rsrc_nonstatic thinkpad_acpi snd_seq snd_timer snd_seq_device
    mac80211 psmouse sdhci_pci sdhci nvidia(P) ppdev video snd soundcore serio_raw
    pcspkr iTCO_wdt iTCO_vendor_support led_class ricoh_mmc pcmcia_core intel_agp
    nvram agpgart usbhid parport_pc parport output snd_page_alloc cfg80211 btusb
    ohci1394 ieee1394 e1000e [last unloaded: sctp]
    [ 573.862589]
    [ 573.862593] Pid: 5373, comm: modprobe Tainted: P R (2.6.31-rc3 #6)
    7663B15
    [ 573.862596] EIP: 0060:[] EFLAGS: 00010286 CPU: 1
    [ 573.862599] EIP is at __percpu_counter_init+0x3f/0x70
    [ 573.862602] EAX: f8214a20 EBX: f80faa14 ECX: c48c0000 EDX: f80faa20
    [ 573.862604] ESI: f80a7000 EDI: 00000000 EBP: f69d5ef0 ESP: f69d5eec
    [ 573.862606] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
    [ 573.862610] Process modprobe (pid: 5373, ti=f69d4000 task=c2130c70
    task.ti=f69d4000)
    [ 573.862612] Stack:
    [ 573.862613] 00000000 f69d5f18 f80a70a8 f80fa9fc 00000000 fffffffc f69d5f30
    c018e2d4
    [ 573.862619] 00000000 f80a7000 00000000 f69d5f88 c010112b 00000000
    c07029c0 fffffffb
    [ 573.862626] 00000000 f69d5f38 c018f83f f69d5f54 c0557cad f80fa860
    00000001 c07010c0
    [ 573.862634] Call Trace:
    [ 573.862644] [] ? sctp_init+0xa8/0x7d4 [sctp]
    [ 573.862650] [] ? marker_update_probe_range+0x184/0x260
    [ 573.862659] [] ? sctp_init+0x0/0x7d4 [sctp]
    [ 573.862662] [] ? do_one_initcall+0x2b/0x160
    [ 573.862666] [] ? tracepoint_module_notify+0x2f/0x40
    [ 573.862671] [] ? notifier_call_chain+0x2d/0x70
    [ 573.862678] [] ? __blocking_notifier_call_chain+0x4d/0x60
    [ 573.862682] [] ? sys_init_module+0xb1/0x1f0
    [ 573.862686] [] ? sysenter_do_call+0x12/0x28
    [ 573.862688] Code: 89 48 08 b8 04 00 00 00 e8 df aa ec ff ba f4 ff ff ff 85
    c0 89 43 14 74 31 b8 b0 18 71 c0 e8 19 b9 24 00 a1 c4 18 71 c0 8d 53 0c 50
    04 89 43 0c b8 b0 18 71 c0 c7 43 10 c4 18 71 c0 89 15 c4
    [ 573.862725] EIP: [] __percpu_counter_init+0x3f/0x70 SS:ESP
    0068:f69d5eec
    [ 573.862730] CR2: 00000000f8214a24
    [ 573.862734] ---[ end trace 39c4e0b55e7cf54d ]---

    Signed-off-by: Rafael Laufer
    Signed-off-by: Vlad Yasevich
    Signed-off-by: David S. Miller

    Rafael Laufer
     
  • raw_getname() can leak 10 bytes of kernel memory to user

    (two bytes hole between can_family and can_ifindex,
    8 bytes at the end of sockaddr_can structure)

    Signed-off-by: Eric Dumazet
    Acked-by: Oliver Hartkopp
    Signed-off-by: David S. Miller

    Eric Dumazet
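
The 10-byte figure in the raw_getname() commit above can be reproduced from the structure layout. This is an added example, not code from the commit or the kernel tree: `demo_sockaddr_can`, `demo_getname()` and `leaked_bytes()` are hypothetical names, the layout is assumed to mirror the `sockaddr_can` the message describes, and zeroing the reply before filling it is assumed as the remedy because the page does not show the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed mirror of the sockaddr_can layout described in the commit message. */
struct demo_sockaddr_can {
    uint16_t can_family;                      /* sa_family_t, 2 bytes */
    int32_t  can_ifindex;                     /* 4-byte aligned: 2-byte hole before it */
    union {
        struct { uint32_t rx_id, tx_id; } tp; /* 8 trailing bytes getname never sets */
    } can_addr;
};

#define STALE 0xAA /* constructed marker standing in for leftover kernel memory */

/* Fill only the two fields a raw CAN getname reports.
 * zero_first = 1 selects the hardened form (clear the whole reply first). */
static void demo_getname(unsigned char *out, int zero_first, int ifindex)
{
    uint16_t family = 29; /* AF_CAN */
    int32_t idx = ifindex;

    if (zero_first)
        memset(out, 0, sizeof(struct demo_sockaddr_can));
    memcpy(out + offsetof(struct demo_sockaddr_can, can_family),
           &family, sizeof family);
    memcpy(out + offsetof(struct demo_sockaddr_can, can_ifindex),
           &idx, sizeof idx);
}

/* Count reply bytes that still hold stale data after getname has run. */
static size_t leaked_bytes(int zero_first)
{
    unsigned char buf[sizeof(struct demo_sockaddr_can)];
    size_t i, n = 0;

    memset(buf, STALE, sizeof buf);   /* simulate a dirty stack buffer */
    demo_getname(buf, zero_first, 3); /* constructed ifindex */
    for (i = 0; i < sizeof buf; i++)
        if (buf[i] == STALE)
            n++;
    return n;
}

int main(void)
{
    printf("reply size: %zu bytes\n", sizeof(struct demo_sockaddr_can));
    printf("stale bytes without zeroing: %zu\n", leaked_bytes(0));
    printf("stale bytes with zeroing:    %zu\n", leaked_bytes(1));
    return 0;
}
```

The same counting approach works as a regression check for any structure copied to user space: pre-fill with a marker, run the fill routine, and require that no marker byte survives.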
     
  • This patch fixes hash collisions in cases where a number
    of entries have incrementing IP source and destination addresses
    from single respective subnets (i.e. 192.168.0.1-172.16.0.1,
    192.168.0.2-172.16.0.2, and so on).

    Signed-off-by: Jussi Maki
    Signed-off-by: David S. Miller

    Jussi Mäki
     
  • David S. Miller
     

08 Aug, 2009

1 commit


07 Aug, 2009

6 commits


06 Aug, 2009

3 commits